VYPR
Unrated severityNVD Advisory· Published Dec 5, 2024· Updated Dec 5, 2024

PHP Session Fixation

CVE-2024-11317

Description

Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product. Affected products:

ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

Affected products

6
  • Abb/ASPECT-Enterprisellm-fuzzy2 versions
    = v3.08.02+ 1 more
    • (no CPE)range: = v3.08.02
    • (no CPE)range: 0
  • Abb/NEXUS Seriesllm-fuzzy2 versions
    = v3.08.02+ 1 more
    • (no CPE)range: = v3.08.02
    • (no CPE)range: 0
  • Abb/MATRIX Seriesllm-fuzzy2 versions
    = v3.08.02+ 1 more
    • (no CPE)range: = v3.08.02
    • (no CPE)range: initial

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.